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In the Claims 

For the convenience of the Examiner, all pending claims are set forth below, whether 
or not an amendment is made. Please amend the claims as follows: 

1. (Previously Presented) An apparatus, comprising: 

an intrusion detection system (IDS) module coupled to a main central processing unit 
(CPU), the main CPU being operable to communicate a copy of one or more incoming 
packets to the IDS module, the IDS module having an IDS CPU, the IDS module operable to: 

determine that the IDS CPU has reached a particular threshold indicating that the IDS 
module is low on a resource; 

identify a volume associated with the incoming packets in response to the 
determination; and 

communicate feedback information to the main CPU, the feedback information 
signaling that the IDS module is low on the resource, the main CPU operable to respond to 
the feedback information by restricting a number of additional incoming packets that are 
received by the main CPU. 

2. (Original) The apparatus of Claim 1, wherein the IDS module is operable to 
identify a plurality of thresholds, one or more of which are operable to trigger the feedback 
information to be communicated to the main CPU by the IDS module, the one or more 
thresholds each representing volume levels reflecting an amount of incoming packets that are 
received by the IDS module, and wherein the main CPU is operable to increase the volume 
associated with the incoming packets in response to receiving additional feedback from the 
IDS module. 

3. (Original) The apparatus of Claim 1, wherein the IDS module communicates 
with the main CPU based on a selected one of a router blade control protocol (RBCP) and a 
simple network management protocol (SNMP). 

4. (Original) The apparatus of Claim 1, wherein the IDS module is operable to 
communicate an alarm to a network management element that signals that the IDS module 
has reached a certain volume level associated with an amount of incoming packets received. 
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5. (Original) The apparatus of Claim 1, wherein the IDS module is operable to 
execute a transmission control protocol (TCP) reset in order to indicate an attack is being 
seen from a source address such that a connection corresponding to the source address may 
be torn down. 

6. (Original) The apparatus of Claim 1, wherein the IDS module is operable to 
block a source location by establishing an access control list (ACL) that includes the source 
location, wherein communications associated with the source location are restricted as a 
result of being included on the ACL. 

7. (Original) The apparatus of Claim 1, wherein the IDS module and the main 
CPU are included in a network element, the network element being selected from a group of 
elements consisting of: 

(a) a router; 

(b) a bridge; 

(c) a switch; 

(d) a loadbalancer; 

(e) a processor; and 

(f) a gateway. 
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8. (Previously Presented) A method for implementing traffic management, 
comprising: 

receiving, at an intrusion detection system (IDS) module, a copy of one or more 
incoming packets from a main central processing unit (CPU), the IDS module having an IDS 
CPU; 

determining that the IDS CPU has reached a particular threshold indicating that the 
IDS module is low on a resource; 

identifying a volume associated with the incoming packets in response to the 
determination; 

communicating feedback information to the main CPU, the feedback information 
signaling that the IDS module is low on the resource; and 

responding to the feedback information by restricting a number of additional 
incoming packets that are received by the main CPU. 

9. (Original) The method of Claim 8, further comprising: 

identifying a plurality of thresholds, one or more of which are operable to trigger the 
feedback information to be communicated to the main CPU by the IDS module, the one or 
more thresholds each representing volume levels of incoming packets that are received by the 
IDS module. 

10. (Original) The method of Claim 8, wherein the IDS module communicates 
with the main CPU based on a selected one of a router blade control protocol (RBCP) and a 
simple network management protocol (SNMP). 

1 1 . (Original) The method of Claim 8, further comprising: 

communicating an alarm to a network management element that signals that the IDS 
module has reached a certain volume level associated with an amount of incoming packets 
received. 

12. (Original) The method of Claim 8, further comprising: 

executing a transmission control protocol (TCP) reset in order to indicate an attack is 
being seen from a source address such that a connection corresponding to the source address 
may be torn down. 
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13. (Original) The method of Claim 8, further comprising: 

blocking a source location by establishing an access control list (ACL) that includes 
the source location, wherein communications associated with the source location are 
restricted as a result of being included on the ACL. 

14. (Original) The method of Claim 8, further comprising: 

increasing the volume associated with the incoming packets based on additional 
feedback being received from the IDS module, the additional feedback reflecting a reduced 
volume associated with the incoming packets. 

15. (Currently Amended) A computer hardware system for implementing traffic 
management, comprising: 

means for receiving, at an intrusion detection system (IDS) module, a copy of one or 
more incoming packets from a main central processing unit (CPU), the IDS module having 
an IDS CPU; 

means for determining that the IDS CPU has reached a particular threshold indicating 
that the IDS module is low on a resource; 

means for identifying a volume associated with the incoming packets in response to 
the determination; 

means for communicating feedback information to the main CPU, the feedback 
information signaling that the IDS module is low on the resource; and 

means for responding to the feedback information by restricting a number of 
additional incoming packets that are received by the main CPU. 

16. (Currently Amended) The computer hardware system of Claim 15, further 
comprising: 

means for identifying a plurality of thresholds, one or more of which are operable to 
trigger the feedback information to be communicated to the main CPU by the IDS module, 
the one or more thresholds each representing volume levels of incoming packets that are 
received by the IDS module. 
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17. (Currently Amended) The computer hardware system of Claim 15, wherein 
the IDS module communicates with the main CPU based on a selected one of a router blade 
control protocol (RBCP) and a simple network management protocol (SNMP). 

18. (Currently Amended) The computer hardware system of Claim 15, further 
comprising: 

means for communicating an alarm to a network management element that signals 
that the IDS module has reached a certain volume level associated with an amount of 
incoming packets received. 

19. (Currently Amended) The computer hardware system of Claim 15, further 
comprising: 

means for executing a transmission control protocol (TCP) reset in order to indicate 
an attack is being seen from a source address such that a connection corresponding to the 
source address may be torn down. 

20. (Currently Amended) The computer hardware system of Claim 15, further 
comprising: 

means for blocking a source location by establishing an access control list (ACL) that 
includes the source location, wherein communications associated with the source location are 
restricted as a result of being included on the ACL. 

21. (Currently Amended) The computer hardware system of Claim 15, further 
comprising: 

means for increasing the volume associated with the incoming packets based on 
additional feedback being received from the IDS module, the additional feedback reflecting a 
reduced volume associated with the incoming packets. 
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22. (Currently Amended) Software for implementing traffic management, the 
software comprising computer cod e such that when ex e cut e d is A computer-readable storage 
medium having instructions stored thereon, the instructions when executed by one or more 
central processing units (CPUs) are operable to: 

receive, at an intrusion detection system (IDS) module, a copy of one or more 
incoming packets from a main central processing unit (CPU), the IDS module having an IDS 
CPU; 

determine that the IDS CPU has reached a particular threshold indicating that the IDS 
module is low on a resource; 

identify a volume associated with the incoming packets in response to the 
determination; 

communicate feedback information to the main CPU, the feedback information 
signaling that the IDS module is low on the resource; and 

respond to the feedback information by restricting a number of additional incoming 
packets that are received by the main CPU. 

23. (Currently Amended) The medium of Claim 22, wherein th e code if the 
instructions further operable to: 

identify a plurality of thresholds, one or more of which are operable to trigger the 
feedback information to be communicated to the main CPU by the IDS module, the one or 
more thresholds each representing volume levels of incoming packets that are received by the 
IDS module. 

24. (Original) The medium of Claim 22, wherein the IDS module communicates 
with the main CPU based on a selected one of a router blade control protocol (RBCP) and a 
simple network management protocol (SNMP). 

25. (Currently Amended) The medium of Claim 22, wherein the code if the 
instructions further operable to: 

communicate an alarm to a network management element that signals that the IDS 
module has reached a certain volume level associated with an amount of incoming packets 
received. 
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26. (Currently Amended) The medium of Claim 22, wherein the code if the 
instructions further operable to: 

execute a transmission control protocol (TCP) reset in order to indicate an attack is 
being seen from a source address such that a connection corresponding to the source address 
may be torn down. 

27. (Currently Amended) The medium of Claim 22, wherein the code if the 
instructions further operable to: 

block a source location by establishing an access control list (ACL) that includes the 
source location, wherein communications associated with the source location are restricted as 
a result of being included on the ACL. 

28. (Currently Amended) The medium of Claim 22, wherein the code if the 
instructions further operable to: 

increase the volume associated with the incoming packets based on additional 
feedback being received from the IDS module, the additional feedback reflecting a reduced 
volume associated with the incoming packets. 
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